Enabling the Microsoft login in SELMA allows users to authenticate with their Microsoft accounts. This improves the user experience by letting you sign in with the click of a button, instead of typing out your username and password.
Retrieve Values from Microsoft Entra
Please follow the guide, here, until you retrieve the following IDs:
- Client ID
- Tenant ID
- Client Secret Key
Then, contact SELMA Support to configure the OAuth2 Integration for your SELMA instance.
Test the Integration
Once the SELMA team has configured the integration, users should log out of their accounts and sign in using Microsoft.
Figure 1. Login with Microsoft | SELMA Login Screen
On the SELMA login page, click the button “Login with Microsoft”.
Figure 2. Sign Into your Microsoft Account
Sign in as you would normally, and grant permission to SELMA to access your profile information, if needed.
Figure 3. SELMA Account
You will be redirected back to SELMA and logged in successfully.
Important Notes
- Setup Process:
  - The Azure App setup is done by your organisation, but the SELMA integration is configured by the SELMA team
- Credentials Security:
  - Store your Application (client) ID, Directory (tenant) ID, and Client Secret securely before sending them to the SELMA team
- Email Matching:
  - Users must have the same email address in both SELMA and their Microsoft account for the login process to work
- Secret Expiry:
  - Remember to renew your client secret before it expires and provide the new secret to the SELMA team
Troubleshooting
- “Invalid client” error:
  - Check that the correct Application (client) ID, Directory (tenant) ID, and Client Secret were provided to the SELMA team
- “Redirect URI mismatch”:
  - Ensure the redirect URI in Azure exactly matches the format https://subdomain.selma.app/connect/azure/check
- Secret expiry issues:
  - If authentication suddenly stops working, check if the client secret has expired in Azure
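The redirect URI and secret expiry checks above can be run against an exported copy of the app registration. This is an added example, not part of SELMA's or Microsoft's documentation; it assumes the registration is available as JSON in the shape of a Microsoft Graph application object (`web.redirectUris`, `passwordCredentials[].endDateTime`), and the function names and sample values are hypothetical.

```python
import json
from datetime import datetime, timezone

# Constructed sample in the shape of a Microsoft Graph application object.
# All values are made up; "subdomain" is the placeholder from the page.
SAMPLE_APP = json.loads("""{
  "web": {"redirectUris": [
    "https://subdomain.selma.app/connect/azure/check/",
    "http://subdomain.selma.app/connect/azure/check"]},
  "passwordCredentials": [
    {"displayName": "selma-old", "endDateTime": "2024-01-15T00:00:00Z"},
    {"displayName": "selma-new", "endDateTime": "2024-07-01T09:30:00.1234567Z"}]
}""")

def _loose(uri):
    """Normalise away the differences that usually cause a mismatch."""
    uri = uri.strip().lower().rstrip("/")
    return "https://" + uri.split("://", 1)[-1]

def check_registration(app, subdomain, now, warn_days=30):
    """Return findings about the redirect URI and client secret expiry."""
    findings = []
    expected = f"https://{subdomain}.selma.app/connect/azure/check"
    uris = (app.get("web") or {}).get("redirectUris") or []
    if expected not in uris:  # exact string comparison, as the page requires
        findings.append(f"MISSING redirect URI {expected}")
        findings += [f"NEAR-MISS redirect URI {u}" for u in uris
                     if _loose(u) == _loose(expected)]
    for cred in app.get("passwordCredentials") or []:
        if not cred.get("endDateTime"):
            continue
        # Graph timestamps are UTC; drop fractional seconds before parsing.
        end = datetime.strptime(cred["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        days_left = (end.replace(tzinfo=timezone.utc) - now).days
        name = cred.get("displayName") or "(unnamed)"
        if days_left < 0:
            findings.append(f"EXPIRED secret {name}")
        elif days_left <= warn_days:
            findings.append(f"EXPIRING secret {name} in {days_left} days")
    return findings

if __name__ == "__main__":
    for line in check_registration(SAMPLE_APP, "subdomain",
                                   datetime.now(timezone.utc)):
        print(line)
```

An empty result means the expected redirect URI is registered exactly and no secret is expired or within the warning window; it does not tell you which secret was given to the SELMA team.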
